Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-74903

Changing to a new authentication configuration erased existing configuration

      I'm sorry saying this, but the only good thing of this plugin is the idea behind it.

       

      I was firstly managing my Jenkins users authorizations with the Role-based Authorization Strategy plugin. At a certain point, I have created Folders onto my Jenkins Controller, so, I needed to have a plugin that could manage roles based on Folders, I have then installed this plugin.

       

      From Manage Jenkins -> Security (Folder-based Authorization plugin documentation still has the old name "Configure Global Security") I have selected the Folder-based Authorization and saved.
      1. This completely wiped out my old Role-based Authorization configuration, without warning me of the behavior

      Once on the Folder-based Authorization plugin UI (I at last expected it to inherit the old Authorization strategy of the Jenkins Controller, but it didn't)...

      2. The text-box made to select permissions (like Build/Read, etc.) was so tiny, it could neither be enlarged

      3. The permissions had to be selected one at a time while keeping Ctrl pressed

      4. The button "Add Role" neither worked at all

       

      I understand that somethings expect feedbacks to improve in time, but they should not damage nothing, in this case my old Role-based Authorization strategies wiped out.

          [JENKINS-74903] Changing to a new authentication configuration erased existing configuration

          Markus Winter added a comment -

          That plugin has no active maintainer currently. It still has some javascript code that relies on the prototype js library which was removed with 2.426.1 from Jenkins so it doesn't work anymore.

          It's always a good idea to take a backup before changing such an essential thing as the security settings.

          Due to the way the authorization settings are implemented it is impossible to inherit from the old config and old settings are lost when changing the auth strategy and saving it.

          And you can also manage roles for folders with role based auth strategy. You just need the right regex expressions.

          Markus Winter added a comment - That plugin has no active maintainer currently. It still has some javascript code that relies on the prototype js library which was removed with 2.426.1 from Jenkins so it doesn't work anymore. It's always a good idea to take a backup before changing such an essential thing as the security settings. Due to the way the authorization settings are implemented it is impossible to inherit from the old config and old settings are lost when changing the auth strategy and saving it. And you can also manage roles for folders with role based auth strategy. You just need the right regex expressions.

          Mark Waite added a comment -

          While we welcome feedback, it is difficult when the feedback starts with:

          the only good thing of this plugin is the idea behind it.

          Changing from one authentication configuration to another authentication configuration generally does not preserve the previous authentication configuration. That's a major configuration change.

          The plugin is not actively maintained. Since the plugin was last released 3 years ago and has a health score of only 89%. The last commit to the plugin repository was over a year ago. The last commit related to a feature was 2.5 years ago. You're welcome to adopt the plugin to improve it.

          Mark Waite added a comment - While we welcome feedback, it is difficult when the feedback starts with: the only good thing of this plugin is the idea behind it. Changing from one authentication configuration to another authentication configuration generally does not preserve the previous authentication configuration. That's a major configuration change. The plugin is not actively maintained. Since the plugin was last released 3 years ago and has a health score of only 89%. The last commit to the plugin repository was over a year ago. The last commit related to a feature was 2.5 years ago. You're welcome to adopt the plugin to improve it.

          Giuliano added a comment -

          mawinter69 
          Thank you for the explanation.
          Yes, I was already managing my permissions with regex.

          Giuliano added a comment - mawinter69   Thank you for the explanation. Yes, I was already managing my permissions with regex.

          Basil Crow added a comment -

          Is this a recent regression or a long-standing issue? If a recent regression, what was the last working version?

          Basil Crow added a comment - Is this a recent regression or a long-standing issue? If a recent regression, what was the last working version?

            abhyudaya Abhyudaya Sharma
            giuliano Giuliano
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: